package com.project.config;

import com.project.shiro.CustomRealm;
import org.apache.shiro.spring.web.ShiroFilterFactoryBean;
import org.apache.shiro.web.mgt.DefaultWebSecurityManager;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;

import java.util.LinkedHashMap;
import java.util.Map;

@Configuration
public class ShiroConfig {
    @Bean
    public DefaultWebSecurityManager getSecurityManager(CustomRealm realm){
        //产生安全管理器对象
        DefaultWebSecurityManager manager = new DefaultWebSecurityManager();
        //设置realm，明确数据来源
        manager.setRealm(realm);
        return manager;
    }

    @Bean("shiroFilterFactoryBean")
    public ShiroFilterFactoryBean getFactoryBean(DefaultWebSecurityManager manager){
        ShiroFilterFactoryBean factoryBean = new ShiroFilterFactoryBean();
        //设置安全管理器
        factoryBean.setSecurityManager(manager);
        //未登录用户访问受限资源，跳转页面(或者controller方法)
        factoryBean.setLoginUrl("/user/loginError");
        Map<String,String> map = new LinkedHashMap<>();
        //设置公共资源
        map.put("/user/login","anon");
        map.put("/user/changePassword","anon");
        map.put("/swagger-ui/**","anon");
        map.put("/swagger/**", "anon");
        map.put("/swagger-resources/**","anon");
        map.put("/v2/**","anon");
        //设置受限资源
        map.put("/**","authc");
        factoryBean.setFilterChainDefinitionMap(map);

        return factoryBean;
    }
}
